File gsoap-plugins-hardening.patch of Package gsoap.openSUSE_Backports_SLE-15-SP3
Origin: https://src.fedoraproject.org/rpms/gsoap/c/48ce27e1b81f592f1247b85139cd415ae76d389b?branch=rawhide Rediffed for 2.8.102.
---
 gsoap/plugin/httpda.c | 2 +-
 gsoap/plugin/wsaapi.c | 2 +-
 gsoap/plugin/wsseapi.c | 36 ++++++++++++++++++------------------
 gsoap/plugin/wsseapi.cpp | 36 ++++++++++++++++++------------------
 4 files changed, 38 insertions(+), 38 deletions(-)
Index: gsoap-2.8.102/gsoap/plugin/httpda.c
===================================================================
--- gsoap-2.8.102.orig/gsoap/plugin/httpda.c
+++ gsoap-2.8.102/gsoap/plugin/httpda.c
@@ -1460,7 +1460,7 @@ http_da_session_update(const char *realm
 MUTEX_LOCK(http_da_session_lock);
 for (session = http_da_session; session; session = session->next)
- if (!strcmp(session->realm, realm) && !strcmp(session->nonce, nonce) && !strcmp(session->opaque, opaque))
+ if (session->realm && session->nonce && session->opaque && !strcmp(session->realm, realm) && !strcmp(session->nonce, nonce) && !strcmp(session->opaque, opaque))
 break;
 if (session)
Index: gsoap-2.8.102/gsoap/plugin/wsaapi.c
===================================================================
--- gsoap-2.8.102.orig/gsoap/plugin/wsaapi.c
+++ gsoap-2.8.102/gsoap/plugin/wsaapi.c
@@ -1056,7 +1056,7 @@ soap_wsa_fault_subcode_action(struct soa
 oldheader->SOAP_WSA(FaultTo)->Address = oldheader->SOAP_WSA(ReplyTo)->Address;
 }
 /* use FaultTo */
- if (oldheader && oldheader->SOAP_WSA(FaultTo) && !strcmp(oldheader->SOAP_WSA(FaultTo)->Address, soap_wsa_noneURI))
+ if (oldheader && oldheader->SOAP_WSA(FaultTo) && oldheader->SOAP_WSA(FaultTo)->Address && !strcmp(oldheader->SOAP_WSA(FaultTo)->Address, soap_wsa_noneURI))
 return soap_send_empty_response(soap, SOAP_OK); /* HTTP ACCEPTED */
 soap->header = NULL;
 /* allocate a new header */
Index: gsoap-2.8.102/gsoap/plugin/wsseapi.c
===================================================================
--- gsoap-2.8.102.orig/gsoap/plugin/wsseapi.c
+++ gsoap-2.8.102/gsoap/plugin/wsseapi.c
@@ -2956,7 +2956,7 @@ soap_wsse_verify_Password(struct soap *s
 else
 {
 /* check password text */
- if (!strcmp(token->Password->__item, password))
+ if (token->Password->__item && !strcmp(token->Password->__item, password))
 return SOAP_OK;
 }
 }
@@ -3118,6 +3118,7 @@ soap_wsse_get_BinarySecurityToken(struct
 {
 _wsse__BinarySecurityToken *token = soap_wsse_BinarySecurityToken(soap, id);
 DBGFUN1("soap_wsse_get_BinarySecurityToken", "id=%s", id?id:"");
+ *data = NULL;
 if (token)
 {
 *valueType = token->ValueType;
@@ -3148,9 +3149,9 @@ soap_wsse_get_BinarySecurityTokenX509(st
 X509 *cert = NULL;
 char *valueType = NULL;
 #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
- const unsigned char *data;
+ const unsigned char *data = NULL;
 #else
- unsigned char *data;
+ unsigned char *data = NULL;
 #endif
 int size;
 DBGFUN1("soap_wsse_get_BinarySecurityTokenX509", "id=%s", id?id:"");
@@ -3270,7 +3271,7 @@ int
 SOAP_FMAC2
 soap_wsse_add_SecurityContextToken(struct soap *soap, const char *id, const char *identifier)
 {
- char *URI;
+ char *URI = NULL;
 size_t l;
 _wsse__Security *security = soap_wsse_add_Security(soap);
 DBGFUN2("soap_wsse_add_SecurityContextToken", "id=%s", id, "identifier=%s", identifier?identifier:"");
@@ -3652,7 +3653,7 @@ soap_wsse_add_SignatureValue(struct soap
 {
 ds__SignatureType *signature = soap_wsse_add_Signature(soap);
 const char *method = NULL;
- char *sig;
+ char *sig = NULL;
 int siglen;
 int err;
 const char *c14ninclude = soap->c14ninclude;
@@ -3883,10 +3884,10 @@ soap_wsse_verify_SignatureValue(struct s
 && signature->SignedInfo
 && signature->SignatureValue)
 {
- char *sig;
- const char *sigval;
+ char *sig = NULL;
+ const char *sigval = NULL;
 int method, bits, siglen, sigvallen;
- struct soap_dom_element *elt;
+ struct soap_dom_element *elt = NULL;
 /* check that we are using the intended signature algorithm */
 if (soap_wsse_get_SignedInfo_SignatureMethod(soap, &method, &bits))
 return soap->error;
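Review bot: The password text check in soap_wsse_verify_Password still compares the secret with `strcmp`, which stops at the first differing byte, so its running time depends on how much of the supplied value matches. The added guard covers `token->Password->__item` only; `password` reaches `strcmp` unchecked in the visible lines, though the function starts outside the hunk and may test it earlier. I would compare lengths first and then use a constant-time comparison where the OpenSSL in use provides one: `size_t n = strlen(password);` followed by `if (token->Password->__item && strlen(token->Password->__item) == n && !CRYPTO_memcmp(token->Password->__item, password, n))`. The same line is patched in wsseapi.cpp.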
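Review bot: In soap_wsse_get_BinarySecurityToken only `*data` gets a defined value when no token is found; as far as the hunk shows, `*valueType` and `*size` are written only inside `if (token)`. The following hunk initialises `data` in soap_wsse_get_BinarySecurityTokenX509 but leaves `int size;` uninitialised, so a caller that does not test the return code could still read an indeterminate length. Adding `*valueType = NULL;` and `*size = 0;` next to `*data = NULL;`, and `int size = 0;` in the X509 caller, would make the hardening uniform. Both function bodies continue past their hunks, and the wsseapi.cpp copy has the same gap.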
@@ -3943,8 +3944,8 @@ soap_wsse_verify_SignatureValue(struct s
 for (att = prt->atts; att; att = att->next)
 {
 DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
 }
 }
 /* push xmlns="..." */
@@ -3952,7 +3953,7 @@ soap_wsse_verify_SignatureValue(struct s
 {
 for (att = prt->atts; att; att = att->next)
 {
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
 {
 soap_attribute(soap, att->name, att->text);
 break;
@@ -4243,7 +4244,7 @@ soap_wsse_verify_digest(struct soap *soa
 {
 for (att = prt->atts; att; att = att->next)
 {
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
 {
 soap_attribute(soap, att->name, att->text);
 break;
@@ -5083,7 +5084,7 @@ soap_wsse_verify_EncryptedKey(struct soa
 if (elt)
 {
 att = soap_att_get(elt, NULL, "EncodingType");
- if (att)
+ if (att && soap_att_get_text(att))
 keybase = !strcmp(soap_att_get_text(att), wsse_Base64BinaryURI);
 att = soap_att_get(elt, NULL, "ValueType");
 keytype = soap_att_get_text(att);
@@ -5133,7 +5134,7 @@ soap_wsse_verify_EncryptedKey(struct soa
 {
 int keylen;
 DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Verify EncryptedKey %s alg=%x\n", keyalgo, data->deco_alg));
- if (keydata)
+ if (keytype && keydata)
 {
 if (!strcmp(keytype, wsse_X509v3URI))
 {
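Review bot: The result of `soap_attribute` is dropped inconsistently: with an explicit `(void)` cast in the `xmlns:` loop of soap_wsse_verify_SignatureValue, and silently in the `xmlns` loops of the next hunk and of soap_wsse_verify_digest. These loops push namespace bindings ahead of signature and digest verification, so a failed push presumably changes the bytes that get canonicalized. I would propagate it with `if (soap_attribute(soap, att->name, att->text)) return soap->error;` if no cleanup is pending at that point, or else use the same `(void)` form in all three places with a comment saying why failure is harmless. Attributes whose `text` is NULL are now skipped without a trace, so a `DBGLOG` line for that case would help diagnose a rejected message. The enclosing loops start outside the hunks, and wsseapi.cpp carries the same code.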
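Review bot: It is not visible from the hunk what soap_wsse_verify_EncryptedKey does when `keytype` is NULL, because the new `if (keytype && keydata)` skips the whole key-loading block and the code after it lies outside the hunk. Please confirm that the function then fails closed, that is, reports an error rather than continuing without a key. A comment on the condition such as `/* no ValueType: key cannot be identified, treated as missing key */` would record the intent. In the previous hunk `soap_att_get_text(att)` is called twice in a row; storing the result in a local would read better. wsseapi.cpp has the same changes.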
@@ -6102,9 +6103,8 @@ soap_psha256(struct soap *soap, const ch
 */
 static int soap_p_hash(struct soap *soap, const char *hmac_key, size_t hmac_key_len, const char *secret, size_t secretlen, int alg, char HA[], size_t HA_len, char temp[], char *phash, size_t phashlen)
 {
- char *buffer;
 size_t i;
- buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
+ char *buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
 if (!buffer)
 return soap->error = SOAP_EOM;
 i = 0;
@@ -7342,7 +7342,7 @@ soap_wsse_element_begin_out(struct soap
 soap_strcpy(URI + 1, l + 1, Id);
 }
 #endif
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
 {
 if (soap_element(soap, tag, id, type)
 || soap_element_start_end_out(soap, NULL))
@@ -7392,7 +7392,7 @@ soap_wsse_element_end_out(struct soap *s
 }
 if (data && (!data->encid || soap_tagsearch(data->encid, tag)))
 {
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
 {
 if (soap_wsse_encrypt_end(soap))
 return soap->error;
Index: gsoap-2.8.102/gsoap/plugin/wsseapi.cpp
===================================================================
--- gsoap-2.8.102.orig/gsoap/plugin/wsseapi.cpp
+++ gsoap-2.8.102/gsoap/plugin/wsseapi.cpp
@@ -2956,7 +2956,7 @@ soap_wsse_verify_Password(struct soap *s
 else
 {
 /* check password text */
- if (!strcmp(token->Password->__item, password))
+ if (token->Password->__item && !strcmp(token->Password->__item, password))
 return SOAP_OK;
 }
 }
@@ -3118,6 +3118,7 @@ soap_wsse_get_BinarySecurityToken(struct
 {
 _wsse__BinarySecurityToken *token = soap_wsse_BinarySecurityToken(soap, id);
 DBGFUN1("soap_wsse_get_BinarySecurityToken", "id=%s", id?id:"");
+ *data = NULL;
 if (token)
 {
 *valueType = token->ValueType;
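Review bot: The allocation size `HA_len + secretlen` in soap_p_hash is computed in `size_t` without an overflow check, so a very large `secretlen` would wrap and give a buffer smaller than the code after the hunk presumably expects. Since this patch is a hardening pass, a guard before the allocation fits here: `if (secretlen > (size_t)-1 - HA_len) return soap->error = SOAP_EOM;`. To keep declarations first, that means `char *buffer = NULL;` followed by the guard and then the `SOAP_MALLOC` assignment, rather than the combined declaration this hunk introduces. The function body continues outside the hunk, and wsseapi.cpp has the same line.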
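Review bot: In soap_wsse_element_end_out the new `tag &&` guard does not cover the first use of `tag`, which is already passed to `soap_tagsearch(data->encid, tag)` in the enclosing condition one statement earlier. soap_tagsearch is defined elsewhere, so whether it tolerates a NULL second argument needs checking. If skipping the block for a NULL tag is acceptable, the outer test can carry the guard instead: `if (data && tag && (!data->encid || soap_tagsearch(data->encid, tag)))`. The function starts and ends outside the hunk, and the same lines are patched in wsseapi.cpp.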
@@ -3148,9 +3149,9 @@ soap_wsse_get_BinarySecurityTokenX509(st
 X509 *cert = NULL;
 char *valueType = NULL;
 #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
- const unsigned char *data;
+ const unsigned char *data = NULL;
 #else
- unsigned char *data;
+ unsigned char *data = NULL;
 #endif
 int size;
 DBGFUN1("soap_wsse_get_BinarySecurityTokenX509", "id=%s", id?id:"");
@@ -3270,7 +3271,7 @@ int
 SOAP_FMAC2
 soap_wsse_add_SecurityContextToken(struct soap *soap, const char *id, const char *identifier)
 {
- char *URI;
+ char *URI = NULL;
 size_t l;
 _wsse__Security *security = soap_wsse_add_Security(soap);
 DBGFUN2("soap_wsse_add_SecurityContextToken", "id=%s", id, "identifier=%s", identifier?identifier:"");
@@ -3652,7 +3653,7 @@ soap_wsse_add_SignatureValue(struct soap
 {
 ds__SignatureType *signature = soap_wsse_add_Signature(soap);
 const char *method = NULL;
- char *sig;
+ char *sig = NULL;
 int siglen;
 int err;
 const char *c14ninclude = soap->c14ninclude;
@@ -3883,10 +3884,10 @@ soap_wsse_verify_SignatureValue(struct s
 && signature->SignedInfo
 && signature->SignatureValue)
 {
- char *sig;
- const char *sigval;
+ char *sig = NULL;
+ const char *sigval = NULL;
 int method, bits, siglen, sigvallen;
- struct soap_dom_element *elt;
+ struct soap_dom_element *elt = NULL;
 /* check that we are using the intended signature algorithm */
 if (soap_wsse_get_SignedInfo_SignatureMethod(soap, &method, &bits))
 return soap->error;
@@ -3943,8 +3944,8 @@ soap_wsse_verify_SignatureValue(struct s
 for (att = prt->atts; att; att = att->next)
 {
 DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
 }
 }
 /* push xmlns="..." */
@@ -3952,7 +3953,7 @@ soap_wsse_verify_SignatureValue(struct s
 {
 for (att = prt->atts; att; att = att->next)
 {
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
 {
 soap_attribute(soap, att->name, att->text);
 break;
@@ -4243,7 +4244,7 @@ soap_wsse_verify_digest(struct soap *soa
 {
 for (att = prt->atts; att; att = att->next)
 {
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
 {
 soap_attribute(soap, att->name, att->text);
 break;
@@ -5083,7 +5084,7 @@ soap_wsse_verify_EncryptedKey(struct soa
 if (elt)
 {
 att = soap_att_get(elt, NULL, "EncodingType");
- if (att)
+ if (att && soap_att_get_text(att))
 keybase = !strcmp(soap_att_get_text(att), wsse_Base64BinaryURI);
 att = soap_att_get(elt, NULL, "ValueType");
 keytype = soap_att_get_text(att);
@@ -5133,7 +5134,7 @@ soap_wsse_verify_EncryptedKey(struct soa
 {
 int keylen;
 DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Verify EncryptedKey %s alg=%x\n", keyalgo, data->deco_alg));
- if (keydata)
+ if (keytype && keydata)
 {
 if (!strcmp(keytype, wsse_X509v3URI))
 {
@@ -6102,9 +6103,8 @@ soap_psha256(struct soap *soap, const ch
 */
 static int soap_p_hash(struct soap *soap, const char *hmac_key, size_t hmac_key_len, const char *secret, size_t secretlen, int alg, char HA[], size_t HA_len, char temp[], char *phash, size_t phashlen)
 {
- char *buffer;
 size_t i;
- buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
+ char *buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
 if (!buffer)
 return soap->error = SOAP_EOM;
 i = 0;
@@ -7342,7 +7342,7 @@ soap_wsse_element_begin_out(struct soap
 soap_strcpy(URI + 1, l + 1, Id);
 }
 #endif
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
 {
 if (soap_element(soap, tag, id, type)
 || soap_element_start_end_out(soap, NULL))
@@ -7392,7 +7392,7 @@ soap_wsse_element_end_out(struct soap *s
 }
 if (data && (!data->encid || soap_tagsearch(data->encid, tag)))
 {
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
 {
 if (soap_wsse_encrypt_end(soap))
 return soap->error;